www: fec7aae4: CVEs acquired

markdoliner at pidgin.im markdoliner at pidgin.im
Wed Mar 14 14:10:41 EDT 2012


----------------------------------------------------------------------
Revision: fec7aae4561cd3a03493404e82f725527d2ca90d
Parent:   087c13254ef58024563717e6a9deebbf7276f304
Author:   markdoliner at pidgin.im
Date:     03/14/12 14:09:55
Branch:   im.pidgin.www
URL: http://d.pidgin.im/viewmtn/revision/info/fec7aae4561cd3a03493404e82f725527d2ca90d

Changelog: 

CVEs acquired

Changes against parent 087c13254ef58024563717e6a9deebbf7276f304

  patched  htdocs/news/security/index.php

-------------- next part --------------
============================================================
--- htdocs/news/security/index.php	b96760544858e642129addb65f5c109384b97a11
+++ htdocs/news/security/index.php	52acdb75f3fd721e1daa17b98def331a988f234d
@@ -637,7 +637,7 @@ $vulnerabilities = array(
 	array(
 		"title"        => "XMPP remote crash",
 		"date"         => "2011-07-08",
-		"cve"          => "",
+		"cve"          => "CVE-2011-4939",
 		"description"  => "Certain types of nickname changes in XMPP chat rooms can trigger a NULL pointer dereference in Pidgin, which triggers a crash.",
 		"fix"          => "Check for NULL before trying to use a struct.",
 		"fixrevisions" => "d1d77da56217f3a083e1d459bef054db9f1d5699",
@@ -647,7 +647,7 @@ $vulnerabilities = array(
 	array(
 		"title"        => "Possible MSN remote crash",
 		"date"         => "2012-01-17",
-		"cve"          => "",
+		"cve"          => "CVE-2012-1178",
 		"description"  => "In some situations the MSN server sends text that isn't UTF-8 encoded, and Pidgin fails to verify the text's encoding.  In some cases this can lead to a crash when attempting to display the text.",
 		"fix"          => "Verify that incoming text is UTF-8, and sanitize if it's not.",
 		"fixrevisions" => "3053d6a37cc6d8774aba7607b992a4408216adcd,ecabfaee8a1ca02e18ebadbb41cdcce19e78bc2e,b1b8c222ab921963f43e83502b6c6e2e4489a8c4,fdb56683f2b5f88f7b388aaef6c53c810d19e374,f12c9f6a6c31bcd3512f162209285a88a86595ff",


More information about the Commits mailing list